External Login Providers

What are External Login Providers?

External login providers allow users to sign in using their existing accounts from services like Google, Microsoft, Facebook, GitHub, etc.

Benefits

• No password management: Users don't create new passwords
• Faster registration: One-click sign-up
• Trusted providers: Users trust Google/Microsoft security
• Less liability: Provider handles password security

Google Authentication

1. Install Package

dotnet add package Microsoft.AspNetCore.Authentication.Google

2. Get Google Credentials

1. Go to Google Cloud Console
2. Create a new project
3. Enable Google+ API
4. Create OAuth 2.0 credentials
5. Add authorized redirect URI: https://localhost:5001/signin-google

3. Configure Google Authentication

builder.Services.AddAuthentication()
    .AddGoogle(options =>
    {
        options.ClientId = builder.Configuration["Google:ClientId"]!;
        options.ClientSecret = builder.Configuration["Google:ClientSecret"]!;
    });

Microsoft Authentication

1. Install Package

dotnet add package Microsoft.AspNetCore.Authentication.MicrosoftAccount

2. Configure Microsoft Authentication

builder.Services.AddAuthentication()
    .AddMicrosoftAccount(options =>
    {
        options.ClientId = builder.Configuration["Microsoft:ClientId"]!;
        options.ClientSecret = builder.Configuration["Microsoft:ClientSecret"]!;
    });

Facebook Authentication

1. Install Package

dotnet add package Microsoft.AspNetCore.Authentication.Facebook

2. Configure Facebook Authentication

builder.Services.AddAuthentication()
    .AddFacebook(options =>
    {
        options.AppId = builder.Configuration["Facebook:AppId"]!;
        options.AppSecret = builder.Configuration["Facebook:AppSecret"]!;
    });

Handling External Login

[HttpPost]
public IActionResult ExternalLogin(string provider)
{
    var redirectUrl = Url.Action("ExternalLoginCallback");
    var properties = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
    return new ChallengeResult(provider, properties);
}

public async Task<IActionResult> ExternalLoginCallback()
{
    var info = await _signInManager.GetExternalLoginInfoAsync();
    if (info == null)
        return RedirectToAction("Login");

    // Sign in with external provider
    var result = await _signInManager.ExternalLoginSignInAsync(
        info.LoginProvider, 
        info.ProviderKey, 
        isPersistent: false);

    if (result.Succeeded)
        return RedirectToAction("Index", "Home");

    // User doesn't exist, create account
    var email = info.Principal.FindFirstValue(ClaimTypes.Email);
    var user = new ApplicationUser { UserName = email, Email = email };
    
    var createResult = await _userManager.CreateAsync(user);
    if (createResult.Succeeded)
    {
        await _userManager.AddLoginAsync(user, info);
        await _signInManager.SignInAsync(user, isPersistent: false);
        return RedirectToAction("Index", "Home");
    }

    return RedirectToAction("Login");
}

Login View

<form asp-action="ExternalLogin" method="post">
    <button type="submit" name="provider" value="Google" class="btn btn-danger">
        Login with Google
    </button>
    
    <button type="submit" name="provider" value="Microsoft" class="btn btn-primary">
        Login with Microsoft
    </button>
    
    <button type="submit" name="provider" value="Facebook" class="btn btn-info">
        Login with Facebook
    </button>
</form>

Key Takeaways

• External providers: Google, Microsoft, Facebook, GitHub, etc.
• AddGoogle(): Configure Google authentication
• AddMicrosoftAccount(): Configure Microsoft authentication
• AddFacebook(): Configure Facebook authentication
• ExternalLoginSignInAsync(): Sign in with external provider
• Benefits: No password management, faster registration